Balancing GDPR and the need for connected healthcare

General Data Protection Regulation (GDPR) is upon us – the change in the law that applies to all companies processing data of EU citizens, across all sectors and industries.  

As a citizen, I’ve welcomed the law with enthusiastic applause as it means I get more control over my own data and more transparency in the way it is processed. This regulation gives me, as an individual, ‘digital rights’ - very timely given recent data sharing concerns and scandals.   

Whilst that is my personal view, as a professional working for a global health and care technology company like Cerner, my thoughts are more nuanced. Staying abreast of data protection regulations with evolving policy is a constant balance between our mission to improve health and care through interoperable and intelligent systems, and a commitment to protect patient data and a person’s right to privacy. The journey to data protection compliance has been challenging in many ways, often with a lack of clarity about how to interpret and apply the regulation’s direction.  

Sharing information to drive change 

Patients that want a connected care experience expect their full care team to have access to the right information at the right time. It is certain that effective sharing of data enables better care delivery, enhanced decision making, improved outcomes and a positive patient experience – all benefits that the majority of citizens would appreciate. We know that a single source of truth is essential to all of these things, and intelligently engaging the population can truly manage citizens’ health.  

Organisations are now appreciating the shared need to deliver more proactive and preventative care using innovative technology and intelligence. However, no innovation is without its challenges, and data is a key component of this one. Patient, medical, health and care data must be shared and used safely, properly, and confidentially. With new and evolving technology, ever more sophisticated cyber threats, and widely variable public perception, GDPR, data sharing and consent are arguably the greatest challenges for organisations wishing to innovate, integrate health and care, and truly manage the wellbeing of their population in this digital age. 

Further challenges arise when the data sharing plays a wider role than just direct patient care. With intelligence, it can improve service planning, predict outcomes and reduce risk, inform finances and support research. When applicable, there must be consideration given to de-identifying and anonymising data to protect the citizens’ right to privacy – and this needs clarity over what activities constitute ‘direct care’ and what doesn’t, and when explicit consent is required. 

All about communication 

An inherent fear remains over privacy, data protection and potentially misuse, a fear that risks stifling innovation, and hindering intelligent population health management.  

Through GDPR, data controllers have an opportunity to re-engage with the public, and be open and transparent about their processes and purpose. We have found that transparency is key. Informing the public of the purpose, intentions and benefits can make the difference, while opting out when the data use purpose changes for secondary reasons other than direct care needs rapid clarification for both professionals and the public. 

Using data, the right way 

GDPR has far-reaching implications, and no one has all of the answers yet. However, all organisations must work in partnership with each other and their communities to enable data to be stored and transferred securely across the health and care system regardless of its location. Data should be visible to all approved persons aligned with an intended use. Data should be interpreted by the right professionals in the right moment and ultimately, patient data belongs to the citizen.  

These are the principles that Cerner commits to while working with our clients on population health management. We work in partnerships driven by mutual trust, transparency and commitment to citizens’ best interest – and helping the health and social care system be the best it can be.    

For more from techUK Data Protection Week, visit our landing page. 

FROM SOCIAL MEDIA

Delighted to have @johnjabbott from @getyoti speaking and sponsoring #techUKSmarterState To join us book at: https://t.co/a2TODeevkq
What technology has the most potential to revolutionise public service outcomes? Follow us, retweet & answer to be… https://t.co/eae95tKFz4
Great to see @OfficeforSandS launch the new National Product Safety Strategy and you can see our take on it here -… https://t.co/dJgBlOjvGb
Check out @techUKdepCEO's response to the Migration Watch paper claiming that IT companies exploit an immigration '… https://t.co/naqNrqxaBB
Are you a #govtech company with an innovative idea for tackling road traffic congestion? @gdsteam are looking for o… https://t.co/ZeUm7uEc2R
techUK would love for you to attend our Accelerating CAV Uptake on our Roads event in Oxford on 4 September to exam… https://t.co/WQuCVuTQbg
We are delighted to have @ICENorthWest and @the_brc as industry partners of #Supercharging18 You won't want to miss… https://t.co/lL1Z8HcKIy